Over on Salted Hash, Steve Ragan reports on yet another MongoDB Database leak uncovered by Chris Vickery. This one involves a database for sanriotown.com, the official online community for Hello Kitty and other Sanrio characters. As such, a lot of children’s information may be in the database. The records exposed include first and last names, birthday…
Category: Of Note
Healthcare industry gets cybersecurity support in omnibus bill
Beth Kutscher reports: The healthcare information technology sector is hailing healthcare-specific cybersecurity provisions that have made their way into the massive omnibus legislation that Congress passed on Friday. The $1.1 trillion spending and tax extender bill, which is now on its way to President Barack Obama, includes language that closely follows the recommendations from the Healthcare Information…
UK: Schools reported for hack attacks and data breaches avoid ICO punishment
From the get-of-jail-free dept., Freddie Whittaker reports: Dozens of schools that breached data protection rules have walked away without punishment, despite being reported to the information watchdog. New figures obtained exclusively by Schools Week show that during the past school year the Information Commissioner’s Office (ICO) dealt with 66 reports of breaches by schools of the Data…
LifeLock to Pay $100 Million to Consumers to Settle FTC Charges it Violated 2010 Order (Updated)
I had previously reported that LifeLock was negotiating to settle FTC charges that it had violated a 2010 consent order. Now it’s official. From the FTC: LifeLock will pay $100 million to settle Federal Trade Commission contempt charges that it violated the terms of a 2010 federal court order that requires the company to secure…
UAE: Extortion demand refused by InvestBank, hacker goes on data dump rampage
Mazhar Farooqui reports an update to a hack and data dump involving InvestBank customers: The cyber criminal who hacked into a Sharjah bank last month has gone on the rampage. After the bank refused to give into his blackmail and pay $3 million in ransom money, the criminal Hacker Buba has posted the confidential details…
Europe Approves Tough New Data Protection and Breach Notification Rules
Mark Scott reports that new EU data protection directives were (finally) approved yesterday, and will go into effect in 2017. Some of the directives will have significant impact for American businesses, regardless of whether they maintain headquarters or offices in the EU. Scott summarizes some of the new directives, and there are a few that…